<?php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;

class CheckUserLogin
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse)  $next
     * @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
     */
    public function handle(Request $request, Closure $next)
    {


       $bool= auth()->check();

       if (!$bool){

           return  redirect(route('admin.login'))->withErrors("请先登录");
       }
       //获取用户权限
       $auths = session('admin.auths');
    //   dd($auths);
       //判断当前用户是否为超级管理员


        if($auths !== true){
            //如果不是 则过滤 空权限，并合并公共权限
            $auths=array_filter(array_merge($auths,config('rbac.allow_route')));

            //通过$reques 获取 当前路由别名
            $currentroute=$request->route()->getName();
           // dd($currentroute);

            //如果当前网页不在权限中 则退回报错页面
            if (!in_array($currentroute,$auths)){

                return  redirect(route('admin.403'));
            }

        }




        return $next($request);
    }
}
